summaryrefslogtreecommitdiff
path: root/modules/caddytls
diff options
context:
space:
mode:
authorMatthew Holt <mholt@users.noreply.github.com>2022-07-28 14:50:51 -0600
committerMatthew Holt <mholt@users.noreply.github.com>2022-07-28 14:50:51 -0600
commit1bdd451913c065ce555d4e2bdb891946b61ffd87 (patch)
treeb248634f888331615ca8a693b91b33e1b6c483c9 /modules/caddytls
parentea8df6ff114299058593530d24fe244201525b9a (diff)
caddytls: Remove PreferServerCipherSuites
It has been deprecated by Go
Diffstat (limited to 'modules/caddytls')
-rw-r--r--modules/caddytls/connpolicy.go5
1 files changed, 1 insertions, 4 deletions
diff --git a/modules/caddytls/connpolicy.go b/modules/caddytls/connpolicy.go
index d6304a9..4280f0a 100644
--- a/modules/caddytls/connpolicy.go
+++ b/modules/caddytls/connpolicy.go
@@ -172,8 +172,7 @@ func (p *ConnectionPolicy) buildStandardTLSConfig(ctx caddy.Context) error {
// so the user-provided config can fill them in; then we will
// fill in a default config at the end if they are still unset
cfg := &tls.Config{
- NextProtos: p.ALPN,
- PreferServerCipherSuites: true,
+ NextProtos: p.ALPN,
GetCertificate: func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
// TODO: I don't love how this works: we pre-build certmagic configs
// so that handshakes are faster. Unfortunately, certmagic configs are
@@ -475,8 +474,6 @@ func setDefaultTLSParams(cfg *tls.Config) {
if cfg.MaxVersion == 0 {
cfg.MaxVersion = tls.VersionTLS13
}
-
- cfg.PreferServerCipherSuites = true
}
// LeafCertClientAuth verifies the client's leaf certificate.